Virtual Lab – New Domain User

This is part of my series on building a virtual lab for use with SQL Server and Windows. You can see the entire series here: Building a Virtual Lab with Hyper-V.

After the domain was up, I needed to add users. Specifically, I didn’t want to use administrator for all actions, since that bothers me. It just seems like a poor practice. I also needed service accounts. The accounts I needed:

  • sjones
  • Broncos SQL – for this SQL Server
  • Nuggets SQL – for this SQL Server
  • Rockies SQL – for this SQL Server
  • Joe – my test SQL account, without sa rights.

I’ll probably need more, but these are good for now.

Domain Users

I used the script in this post, in a variation, at the command line. I didn’t need all the fields, so this is what I used.

New-AdUser -SamAccountName "BroncosSQL" -Name "Broncos SQL" -Enabled $true -ChangePasswordAtLogon $false -PasswordNeverExpires $true -AccountPassword (ConvertTo-SecureString "MyPassword" -AsPlainText -Force)

Note: That wasn’t the password I used. I used a complex, 12 character, upper/lower case, numbers, etc. password.

I repeated this for all the users.

Domain Groups

For the most part, I don’t need, or want, to assign extra rights for these accounts. The SQL Server setup will assign local rights, and I’ll modify if needed. However I do need to grant domain admin rights to my main account to log on and run the domain at times.

I went back to basics, with TechNet documentation. I need the Add-ADGroupMember cmdlet to add someone. However, I also need the groups. I searched, and Spiceworks shows up again. I ran this:

Get-ADGroup -filter * -properties GroupCategory | ft name,groupcategory

and got this list:


I want to add sjones to the Domain Admins group. Using the Add-ADGroupMember, I ran this:

Add-ADGroupMember "Domain Admins" sjones

And it worked. I could easily log on and administer other machines with this account.

Virtual Lab – The Domain

This is part of my series on building a virtual lab for use with SQL Server and Windows. You can see the entire series here: Building a Virtual Lab with Hyper-V.

The big thing in setting up a domain is to enable you to connect multiple machines together, experiment with things like Powershell Remoting, AlwaysOn, etc.

There are a couple things you need to do here. The first is to install a domain controller on one of the VMs, and then you need to join the remaining computers to the domain. This isn’t that hard, and I’ll show you two ways to do this: the GUI and PoSh.

Create a Domain Controller

I followed instructions to build a domain from TheSQLPro, since that was the first, and simplest instruction I had. I connected to my ServerCore installation named DenverDC and ran this:

Install-windowsfeature -name AD-Domain-Services


Install-ADDSForest –DomainName “SSCLAB.LOCAL” -DomainMode Win2012 -DomainNetbiosName “SSCLAB” -ForestMode Win2012

I entered both of these from Powershell and restarted the VM.  I then ran a


and as you can see, I have a domain set up on this machine.


Joining the Domain from the GUI

The first step is to be sure that you have connectivity between your machine and the DC. I had to ensure I could ping back and forth, both by IP and computer name. I also made sure to set my DNS to the domain controller. In my case, this was the DenverDC at

Once I was fairly sure I had networking down, I went to the control panel on one of the machines. I went to the computer properties and clicked the "Change Settings" link.


From there, I had the basic properties. As you can see below, I was in a workgroup. The first thing to do is click the "change" button.


Once that’s done, you have the workgroup/domain set of radio buttons. I clicked the domain item and entered the name of my domain.


You get a credential box where you need to enter credentials. I believe these are the DC level credentials. For this lab, I have the domain and local administrators all using the same user/password (Administrator/mypassword) and entered that.


If networking is working, it should take a minute and then you’ll get this:


As soon as you click OK, you’ll get told this requires a reboot. It does, so restart.


Once you restart, if you go back, you should see that you are in the domain in the computer properties.


Joining from Powershell

I found this cmdlet that worked for me.

Add-Computer -DomainName "SSCLab.Local"

Once I typed this in, I got a dialog box asking me to enter the administrator credentials. I did that and it worked. I had to reboot with a restart-computer.


And we’re working



I did get an error on one of my VMs. It was error 0x21C4 on a Server Core installation. When I looked that up, I got a duplicate SID error. I had sysprep’d the machines, but perhaps I broke something. In any case, I re-ran sysprep, reset the network config, renamed the computer, and then joined the domain as noted above.

Virtual Lab – Adapter Setup

This is part of a series where I set up a virtual lab for testing and misc. work. The other parts in the series are here: Building a Virtual Lab with Hyper-V.

Once I had the machine up and running, I knew I needed to get the networking setup. One of the things I’ll do is do some clustering tests, and for that, I need to have static IP addresses. I’m an older, IPv4 guy, so that’s what I’ll use here.

I decided to put all my machines in the 192.168.1.x space. I’ll use these addresses:

  • DenverDC –
  • Broncos –
  • Nuggets –
  • Rockies –
  • Avalanche –

I’ll deal with the client machine when I get there. For now this is what I need to worry about.

The machines are set up and passwords changed. I now need to start them and get networking configured. I googled and found this TechNet article on using PowerShell to configure a NIC. There’s also the Configure a Core Server. I know you can use sconfig to do this easily, but I wanted to see how hard it is in PoSh. In the Standard edition, it’s easy to use the GUI as well.

First I needed to know what adapters I have. I ran


This told me my main adapter was “Ethernet 2”. So I ran this:

$netadapter = Get-NetAdapter -Name “Ethernet 2”

The first step is to remove DHCP. You’d do this by changing a radio button on the adapter settings. In this case, we do it with PowerShell.

$netadapter | Set-NetIPInterface -DHCP Disabled

Next we want to set up our IP address. In my case, I’m going to use the 10.10.10 address space.

$netadapter | New-NetIPAddress -AddressFamily IPv4 -IPAddress -PrefixLength 24 -Type Unicast -DefaultGateway

Once that is done, we can then look at DNS. In this case, I’m going to point it to my gateway, which doesn’t really resolve to anything (yet).

Set-DnsClientServerAddress -InterfaceAlias “Ethernet 2” -ServerAddresses

I repeat this for all my servers, getting them all set up with their proper IP addresses. Once I’m done, I have 5 servers running with the IPs above.

However none of them can ping each other. That’s strange, but not unexpected. The mindset to increase security by default is likely to blame. I don’t know what the exploits that can come through ping (DOS I guess), but I know more and more companies avoid allowing ping responses.

Turn off the firewall

I decide that I need to turn off the firewall to check. Since I have 2 Standard installations and 4 Core installations, I go to the Standard ones first and use the GUI to kill the firewall for my networks. It was at this point that I realized that by default my connections saw the network as public connections, not private.

I turn off the public connection firewall and pings work from one of the Core servers. Then I turn that on and disable the private firewall. Pings fail.

Now I know what to do. First, I use a security change in the GUI to set my Server with the Local Security Policy app in Windows. Once this is done, I set things to private, disable that firewall and verify pings work. I know this works, and now I’m ready to change the other servers.

I find a script on MSDN Blogs that shows me how to do this in PoSh. It’s a strange script, and it doesn’t give any results, but it seemed to work.

$networkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]”{DCB00C01-570F-4A9B-8D69-199FDBA5723B}”))
$connections = $networkListManager.GetNetworkConnections()
# Set network location to Private for all networks
$connections | % {$_.GetNetwork().SetCategory(1)}

Once I ran this, I then needed to turn off the firewall. I found this link and then ran this command.

netsh advfirewall set private state off


That worked, and then you can see my ping worked.


The top image above is from the machine I was working on. The bottom one shows the ping failing from my SQL machine to the DC, and then working once I’d disabled the firewall for the private network.

Update: I originally wanted to work in the 10.x.x.x space, but I kept confusing myself, so I moved all the machines to the 192.168.1.x network.

Rinse, repeat for all machines. Eventually I have every machine pinging every other machine and able to connect.

Networking working.

Virtual Lab – Setting up a new VM

This is part of a series where I set up a virtual lab for testing and misc. work. The other parts in the series are here: Building a Virtual Lab with Hyper-V.

I have my disks set up, now it’s time to create my virtual machines. I’m going to show you how to create one, but all really are done the same way. The names change, but no matter what my purpose is, this is how I set up the VMs. Once this is done, I’ll use other posts to go into the customizations for each machine.

We’ll start in Hyper-V manager, selecting a new VM.


After the welcome screen, you need to name your VM and choose a location. I’ve got a folder set up for this lab on my machine, so I choose that, and set the name (for this machine) as DenverDC. This will be my domain controller and the first machine I set up.


Next we assign memory. I’ll want more for the SQL Servers, but this is easily changed at a later date, so I’ll leave this alone. One of the advantages of Core is less memory needed, and I could probably get by with less, but since I have 24GB on the host, I can spare half a gig.


After memory comes the networking. As you can see, I have a number of choices. The "WholeWideWorld" is the connection some of my VMs use to access the internet. In this case, I’m choosing the Internal network, which is the Internal switch I have set up. This is limited to connections between the VMs and since I want this to be an isolated network, this works fine.


My internal switch is actually configured as follows:


Now we need to set storage. Since I set up my disks before this and named them in a way that I can understand, I choose the one I need. The default here is a new hard disk, but I’m saving space with differencing disks.


I get a summary. Please check this as you set things up. Note that my differencing disk is set.


I click finish, and I have a VM. I start it up from Hyper-V Manager and connect.


Inside of Windows, I get the familiar Windows start screen (for Win8/WS2012). I click CTRL+ALT+DEL (leftmost icon on the toolbar) and then get prompted to change my password


I change it,and I’ll use the same admin password on this machine that I use on a number of VMs.

NOTE: This is NOT the password I use for any other services, including my VMWware VMs. At all. It’s only for Hyper-V VMs, but since I may have a few generations of VMs, I don’t want to forget this password. I also may end up starting up a few random VMs for talks, so I need to be able to get in.

Once I log in, I get a basic session. Not much in Core.


The only thing I really want to do here is rename the computer. I need to do more, but those will be in other posts. Let’s get the hostname.

I could start server config (sconfig.exe) and get a basic setup, but I wanted to play with my PowerShell knowledge. So I started PoSh, and Google helped me find the computer name. I also used Google to find out the rename.


The computer name (hostname) comes from


It doesn’t make sense, so I rename it with

Rename-Computer -Newname "DenverDC"

Once this machine restarts (Restart-Computer), it will have a new name.

I know that I could use sconfig and it’s fast, or click around on my Standard servers and rename the machine, but once I get used to typing these commands in Powershell, it’s very, very quick.

Note that my disks have been updated with changes. Their sizes have grown from the original 4MB.


I repeat this process for all the other machines, just to get them set with a password and name. Once they’ve rebooted, they’re ready for the next step.

Virtual Lab – Creating Differencing Disks

This is part of my series on building a virtual lab for use with SQL Server and Windows. You can see the entire series here: Building a Virtual Lab with Hyper-V.

The whole point of virtualization is better use of resources. Whether it’s CPU, storage, networking, power, etc., we are trying to save having to purchase 5 or 6 machines and connect them all, pay for them, etc. It’s much, much easier to use virtualization.

This is especially true of storage. When we build a lab, we don’t want to have to allocate a ton of space for our systems. In my case, for my design, this is what I want to end up with.


From my last post, I had the bottom two files already set up. These are my installations of Windows Server 2012 R2 Standard and Core, sysprep’d and ready to use.

Differencing – Saving Space

The idea in differencing disks is similar to the snapshot feature I used in VMWare to do this same process. I take a base disk, and create a “copy” of it. Except the copy doesn’t have everything from the base disk. Like a database snapshot in SQL Server, if I need to read something that’s in the base disk, I reference that. If I change something, or add something, I read from the copy.

As you can see above, I have 5 small disks at 4MB and my 2 large base disks. Each of the small disks is a differencing disk off either the Standard or Core base installations.

I created these by selecting New Hard Disk in Hyper-V Manager


After the intro screen, I make sure I’ve picked VHDX.


At the next screen, I choose the differencing option.


Now I need to pick a location for the copy. On my setup, I’m trying to keep this lab contained, so I have a WS2K12 Lab folder. I choose that as my location for the differencing disk. I give it a name, in my case, I’m using “Function” concatenated with the name of the Windows host. As seen below, my file server will be named “FileAvalanche.vhdx”.


Next I choose the parent disk. this is the base image. Depending on what I had in my design, I choose the Standard or Core images for various machines.


I get a summary where I can see all my options, and then click finish.


I do this five times and all of a sudden I have a lab.

A few things. Use some naming convention so you can tell which disk is which. Also, make sure you stick things in a location. I set a specific folder location for my VMs and disks, and then altered the Hyper-V Manager settings to default to this folder. On my machine that’s D:\Virtual Machines.

That helps me keep things contained, and it also means that when I want to copy a VM for a backup or to another machine, it’s easy.

Virtual Lab – Design and Setup

This is part of a series where I set up a virtual lab for testing and misc work. The other parts in the series are here: Building a Virtual Lab with Hyper-V.

I haven’t had a good lab set up since I moved from VMWare to Hyper-V on my systems. Since then I’ve had a number of random VMs set up, but none connected in any meaningful way as a domain. They were all standalones, but that needs to change.

I wanted to do some additional testing with a few Windows and SQL features that needed a domain. So I decided to set one up with Hyper-V.

I googled around and found a few references:

I decided to try to do some of this myself, using these as guides, but also incorporating some of my new Powershell knowledge along the way. I won’t claim this is the best way to build a virtual lab, but this is the way I did it by cobbling together various piece of information.

With that in mind, here’s what I’m looking to do. I want to create a domain with a few servers and a client for testing. I plan on making this setup on a separate network, using the 10.10.10.x address space as I don’t expect to run into networks with that one at home, or work.

The machines I’m looking for are as follows. The role, OS, and then names are listed below:

  • DC (WS2K12 R2 Core) – DenverDC
  • SQL Server instances (WS2K12 R2 Core and Standard) – Broncos, Nuggets, and Rockies
  • File Server (WS2K12 R2 Standard) – Avalanche
  • Client (Win 8) – Keystone

I’ll be running through the process and trying to document this for myself, and others.

First Steps

The first steps here are easy. I have Hyper-V setup, but if you don’t, it’s an easy confg item you can see at the beginning of this article.

Next, download software. I didn’t have Windows Server on this machine, so I accessed MSDN and downloaded Windows Server 2012 R2. I have an MSDN license, so I get a few licenses. As this was downloading, I made not of the product keys.

I’ve had a space on my machine setup. Since I used to use VMWare and Hyper-V, I have a space on my spare drive where I separate Hyper-V and VMWare. Inside the Hyper-V folder are my VMs for quick copying to my external drives and laptop as backups. In this case, I’m setting up a “WS2K12 Lab” folder.


The Parent

This is a standard setup I’ve seen in all the tutorials. Create a VM, create a new hard disk (I used defaults), install Windows Server, and run “sysprep” on the VM. I did this with both Core and Standard Server. This gave me two hard disks that had images of the server systems on them.


I first set these disks to “read only” and then deleted the parent VMs. This gets me the base systems on which I will build things. I’ll deal with the Win 8 client later.

That’s all I’m talking about here. I’ll move into the rest of the steps in future posts.

Windows Server 2012 and Hyper-V

Hyper-V looks like a great candidate for almost any SQL Server with the enhancements in Windows Server 2012.

I recently went to a Microsoft event in Denver on Windows Server 2012 and Hyper-V improvements. A bunch of the information was presented by Harold Wong (b | t) and there’s a number of demos and notes from the talks on his blog.

I haven’t looked much at the Windows server OS’s in years and not much at Hyper-V. I have preferred VMWare for my demo/research environments, especially as I move between Windows and OSX regularly. However I’ve thought Hyper-V was rapidly improving and on the right track. I was surprised to find the new limits in Hyper-V under Windows Server 2012 to be quite high for both the host OS and the guests. You can have up to

  • 64 virtual processors
  • 1TB RAM
  • 64TB (vhdx format)
  • 4 virtual Fibre Channel adapters
  • much more

With 320 logical processors and 4TB of ram on the host, it seems as though Hyper-V is on par with VmWare ESX 5. There’s a lot more to look at than software cost, but at this time, it appears all new virtualization projects using Windows ought to consider Hyper-V.

There were interesting demos on replicas, live migration, improvements in file transfers and more. They were designed to make things look good, and there’s a good marketing presentation on the capabilities. I’m sure the actual implementation isn’t as easy or smooth as in the talks, but it did make me think there’s no reason virtualization shouldn’t be considered for SQL Servers, especially as you move to newer hardware.

Steve Jones

The Voice of the DBA Podcasts

We publish three versions of the podcast each day for you to enjoy.

Windows Server 2012 and Hyper-V

I recently went to a Microsoft event in Denver on Windows Server 2012 and Hyper-V improvements. Harold Wong (b | t) showed quite a few demos and there’s a number of demos and notes from the talks on his blog.

I haven’t looked much at the Windows server OS’s in years and not much at Hyper-V. I’m sure the actual implementation isn’t as easy or smooth as in the talks, but it did make me think there’s no reason virtualization shouldn’t be considered for SQL Servers, especially as you move to newer hardware.

Hyper-V Guests

Virtualization has really changed the way that we deal with software. It seems that more and more often I find people using virtualization for all sorts of systems, both production and non-production servers. The ability to run multiple operating systems on a single physical host means that systems are used more efficiently. It also means that more people have the ability to experiment with alternatives to the standard Windows OS that so many of us use.

Hyper-V has gained a lot of attention over the last few years as Microsoft has tried to get people to run this hypervisor.  It seems that quite a few people have had success running Hyper-V, and it becomes more popular all the time. However, not everyone is happy, and I found a  post about Linux support in Hyper-V, or the lack thereof.

Whether Microsoft is mis-representing their support is one thing, but this did have me thinking about a wider issue. As we build more and more systems that are virtualized, or even composed of services offered by other vendors, to what extent should the vendor provide support? Is it reasonable to say that your platform works with software x, y, and z, even if you don’t have engineers trained to support the software?

This could become a large pain point in the future for other types of platforms, as I am sure it will continue to be an issue with hypervisors.  I’m not sure I would expect a hypervisor vendor to offer full  support for various guest operating systems, but I certainly would expect that they would work with engineers at other companies to solve issues, especially if I have a support contract.

Steve Jones